Home > Uncategorized > Game Over For Windows Vista’s Security?

Game Over For Windows Vista’s Security?

May 12th, 2008 Leave a comment Go to comments

I picked up an interesting story over at Neowin entitled Vista;s Security Rendered Completely Useless by New Exploit which reports on a new technique hat can bypass all memory protection safeguards that Microsoft built into Windows Vista.

The researchers were able to load whatever content they wanted into any location they wished on a user;s machine using a variety of scripting languages, such as Java, ActiveX and even .NET objects. This feat was achieved by taking advantage of the way that Internet Explorer (and other browsers) handle active scripting in the Operating System.

Instead of exploiting a security vulnerability the researchers Mark Dowd of IBM Internet Security Systems (ISS) and Alexander Sotirov, of VMware Inc. of the architecture of Windows Vista. Another researcher described the technique as completely game over.

It;s currently not known if other operating systems are vulnerable as well but it is very likely. The best against this attack would be an add-on like NoScript that would most likely prevent it completely.

Author: Martin Brinkmann
Game Over For Windows Vista’s Security?

Categories: Uncategorized Tags:
  1. No comments yet.
  1. No trackbacks yet.